Back to bug 1306021
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2016-02-09 20:56:22 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-09 20:56:22 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2016-02-09 20:58:25 UTC | Blocks | 1306023 | |
| Kurt Seifried | 2016-02-09 21:43:38 UTC | CC | asn | |
| Andreas Schneider | 2016-02-09 21:44:35 UTC | CC | daniel | |
| Andreas Schneider | 2016-02-17 09:53:29 UTC | CC | meissner | |
| Andreas Schneider | 2016-02-18 16:38:07 UTC | CC | fweimer | |
| Clifford Perry | 2016-02-18 17:06:13 UTC | CC | cperry | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:34:04 UTC | Depends On | 1310049 | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:34:14 UTC | Depends On | 1310050 | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:34:35 UTC | Depends On | 1310051 | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:34:56 UTC | Depends On | 1310053 | |
| Florian Weimer | 2016-02-19 11:08:49 UTC | CC | fweimer | |
| Karel Srot | 2016-02-22 06:30:37 UTC | CC | ksrot | |
| Kamil Dudka | 2016-02-22 08:14:02 UTC | Summary | EMBARGOED CVE-2016-0787 libssh2: bits/bytes confuson resulting in truncated Difffie-Hellman secret length | EMBARGOED CVE-2016-0787 libssh2: bits/bytes confuson resulting in truncated Diffie-Hellman secret length |
| Andreas Schneider | 2016-02-23 14:30:03 UTC | Summary | EMBARGOED CVE-2016-0787 libssh2: bits/bytes confuson resulting in truncated Diffie-Hellman secret length | EMBARGOED CVE-2016-0787 libssh2: bits/bytes confusion resulting in truncated Diffie-Hellman secret length |
| Adam Mariš | 2016-02-23 15:26:11 UTC | CC | amaris | |
| Adam Mariš | 2016-02-23 15:28:38 UTC | Fixed In Version | libssh2 1.7.0 | |
| Adam Mariš | 2016-02-23 15:31:00 UTC | Whiteboard | impact=moderate,public=no,reported=20160209,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-6/libssh2=affected,rhel-7/libssh2=affected,fedora-all/libssh2=affected,fedora-all/mingw-libssh2=affected,epel-5/libssh2=affected,epel-7/mingw-libssh2=affected | impact=moderate,public=20160223,reported=20160209,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-6/libssh2=affected,rhel-7/libssh2=affected,fedora-all/libssh2=affected,fedora-all/mingw-libssh2=affected,epel-5/libssh2=affected,epel-7/mingw-libssh2=affected |
| Adam Mariš | 2016-02-23 15:31:05 UTC | Summary | EMBARGOED CVE-2016-0787 libssh2: bits/bytes confusion resulting in truncated Diffie-Hellman secret length | CVE-2016-0787 libssh2: bits/bytes confusion resulting in truncated Diffie-Hellman secret length |
| Adam Mariš | 2016-02-23 15:31:10 UTC | Group | security, qe_staff | |
| Adam Mariš | 2016-02-23 15:33:12 UTC | Depends On | 1311214 | |
| Adam Mariš | 2016-02-23 15:33:23 UTC | Depends On | 1311215 | |
| Adam Mariš | 2016-02-23 15:33:30 UTC | Depends On | 1311216 | |
| Adam Mariš | 2016-02-23 15:33:37 UTC | Depends On | 1311217 | |
| Slawomir Czarko | 2016-02-24 09:14:49 UTC | CC | slawomir | |
| Martin Prpič | 2016-02-24 09:56:02 UTC | Doc Text | A type confusion issue was found in the way libssh and libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. | |
| Martin Prpič | 2016-02-24 09:59:12 UTC | Doc Text | A type confusion issue was found in the way libssh and libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. | A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. |
| Norman Sardella | 2016-02-26 18:18:03 UTC | CC | sardella | |
| Huzaifa S. Sidhpurwala | 2016-03-10 08:02:31 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-03-10 03:02:31 UTC | |||
| Adam Mariš | 2016-11-08 15:54:23 UTC | CC | amaris | |
| Product Security DevOps Team | 2019-09-29 13:44:17 UTC | Whiteboard | impact=moderate,public=20160223,reported=20160209,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-6/libssh2=affected,rhel-7/libssh2=affected,fedora-all/libssh2=affected,fedora-all/mingw-libssh2=affected,epel-5/libssh2=affected,epel-7/mingw-libssh2=affected |
Back to bug 1306021